Countries and Conferences should be read alongside Trusted Research Guidance for Academia. It is aimed at academics who are involved in international research collaborations and provides advice and guidance on some of the main challenges presented when working or travelling overseas. It will be particularly relevant in the following situations:
- Meetings and conferences
- Hosted research
- Visiting researchers
- Conference speakers
- Visits to academic institutions
- Visits to overseas industrial partners or sponsors
Understand the risk
Before you travel you should consider completing a risk assessment. Take a proportionate approach which considers the country you are visiting and the reason for your visit. Keep this under review up to the point of departure, as well as during the trip, as the situation may change quickly.
Your primary source of information for advice in relation to overseas travel should always be the Foreign and Commonwealth Office (FCO) website. The Intellectual Property Office (IPO) also provides specific advice and guidance on the intellectual property (IP) protections afforded in a range of different countries. You should also check the individual policies and procedures that your institution operates.
When assessing the risk, you may wish to consider the following questions about your destination country:
- What sort of protection is provided for academic freedom?
- What is the Foreign and Commonwealth Office advice?
- Are you travelling to a country where sanctions may have been imposed by the UK?
- Is the nature of the research that you undertake sensitive?
- What is the legal and legislative environment and is there potential for your activities to be misunderstood?
- Could your research or academic activities be perceived as a threat to a country whose democratic and ethical values differ from our own?
Compliance in foreign jurisdictions
If you are collaborating with an international partner there may be laws and regulations which you need to comply with in your collaborator's country. Most countries will maintain some form of export control, they may have laws which restrict their institution's ability to share data or research outcomes, and the legal protections around IP may also differ in those jurisdictions.
You should not assume that your research partner will take responsibility for such compliance, and you should be aware of any requirements that impact the collaboration.
SUPPORTING STAFF OVERSEAS
If you have staff working in a country whose democratic and ethical values are different from our own, your risk assessment could include the following:
- If something happens to one of your colleagues when they are working overseas, who should they report it to?
- How often do you check whether they have concerns or issues? o What agreements are there with the institution that will be hosting them overseas?
- What are the rules and laws that they are required to comply with in that country?
- Do any laws conflict with any of the agreements that you have made with that institution?
- Will the work that they conduct be subject to UK export control?
- Are your colleagues aware of the export control laws, national security laws and IP arrangements in the country where they are working?
Nationals of a country which may not have the same legal or constitutional rights as the UK may be more vulnerable when travelling. Managers should exercise a duty of care in such circumstances where there is a risk that they may face duress.
Staff negotiating overseas research collaborations also assume greater risk on behalf of their institutions. Refer to the Trusted Research Guidance for Academics to ensure that they have a good understanding of the risks and ensure that you have set a clear framework and scope for their engagement.
Cyber security advice
When travelling overseas, it is almost certain that you will want to take mobile IT devices with you, such as a laptop, tablet and/or mobile phone. However, think carefully about the work and personal information they contain and what the impact would be if any of the devices were lost or stolen. Your institution's IT department will be able to advise you how to manage your information, and may well be able to provide you with clean devices that contain only the information essential to your trip.
If you do decide to take devices, here are the basic cyber security tips that you should consider for your trip:
- Check with your network operator or IT department whether your technology will work abroad and what costs are involved. It may be safer and cheaper to buy a pay-as-you-go phone
- Make sure your devices are password/passcode protected and use other security features, such as fingerprint recognition. Passwords/passcodes should be unique for each account and device
- Many email and social media providers offer two-factor authentication. You should turn this on for important accounts; it makes it harder for other people to access your accounts and can provide alerts if others are attempting to access your accounts without your permission
- Consider removing data or information from devices that you would not want to share; this may include research or information about IP
- Consider the use of Virtual Private Networks (VPNs) to manage communication back to the UK. However, be aware of any local rules on VPN usage, which is normally permitted but access must be provided if requested by law enforcement
- Consider activating device-wide encryption - see page opposite for the benefits of encrypting the data we store
- Turn on the ability to wipe your phone should it become lost. Back up all your data and photos before you travel
- Make sure all your software and apps are up to date prior to leaving the UK. If you are taking a laptop, make sure your antivirus is turned on, USB autorun is turned off, the laptop is password protected and will not automatically connect to Wi-Fi networks
- Never download apps from unofficial providers, either in the UK or abroad. Unofficial app stores cannot be trusted; there is no way of knowing if the app is genuine
With overseas conferences being a normal part of academic life, researchers will understandably focus on their presentations and potential research opportunities, rather than the security issues associated with travelling to a different country. Part of your preparation for any overseas conference should be to:
- Consider the country that you are travelling to, and be aware of local laws and customs
- Think carefully about what information you share or present
- Make sure you understand your host country's attitude to academic freedom and discussion
- Ensure that any payments you accept for attendance do not create a conflict of interest, or place you in a contractual breach or breach of university policies
- Be clear on the areas of research that you can, and cannot, talk about
- Be polite but firm if pressed to share more information
- Report any suspicions to your manager and the appropriate university authority
See the FCO website for more detailed travel advice, including how to seek consular assistance in any country.
- Academic Freedom Monitoring Project
- FCO Travel advice
- ICO Guide to GDPR
- Intellectual Property Office Countries Guidance
- Two-factor authentication
- Virtual Private Networks (VPN)
- Cyber Aware
- NCSC Small Business Guide
- Department for International Trade Export Control Joint Unit (ECJU)
- Your Technology Transfer Office, legal department or other relevant supporting corporate services should be able to help with advice on export control issues. ECJU also provides a support point of contact which is able to advise on whether a particular end user is likely to be of concern or not. You can contact the ECJU on 020 7215 4594 or by email on [email protected].